DevOps Foundation Exam Study Guide

Accelerate Your DevOps Learning Path


DevOps Institute recognizes that many of you may already have the prerequisite knowledge and
comprehension required to pass the DevOps Foundation exam without needing the foundational
training course. As such, DevOps Institute now offers the following fast track path for those who
already possess the basic skills, knowledge and understanding of what DevOps is, along with the
associated practices being adopted by today’s organizations:

• The DevOps Foundation Exam may be taken online without requiring the Foundation
course to be taken beforehand. Individual learners and community members will have
the option to test-out, if they so choose, by purchasing and scheduling the online exam
directly with our certification partner, PeopleCert, here.

You will now have a choice of entry point – you may take the Foundation course and exam or
take just the exam to achieve the desired outcome (Foundation certification).

For those who would like to forego the Foundation training and go straight to taking the
exam, DevOps Institute has provided the following study tools to help you prepare:

• Glossary of DevOps Terms
• DevOps Foundation Exam Requirements
• DevOps Foundation Sample Exam with Answer Key

As you recognize the need to upskill to remain competitive and advance your career, you will now
have an accelerated path to the advanced Practitioner training offerings and certifications after
successfully achieving the prerequisite DevOps Foundation certification.

DevOps Institute is here to help you keep up with the evolution of DevOps practices. If you have
any questions, please reach out to your local education partner or contact DevOps Institute at
CustomerService@DevOpsInstitute.com.

Master Glossary

Term | Definition | Course Appearances
12-Factor App Design | A methodology for building modern, scalable, maintainable software-as-a-service applications. | Continuous Delivery Architecture
2-Factor or 2-Step Authentication | Two-Factor Authentication, also known as 2FA or TFA or Two-Step Authentication is when a user provides two authentication factors; usually firstly a password and then a second layer of verification such as a code texted to their device, shared secret, physical token or biometrics. | DevSecOps Engineering
A/B Testing | Deploy different versions of an EUT to different customers and let the customer feedback determine which is best. | Continuous Delivery Architecture
A3 Problem Solving | A structured problem-solving approach that uses a lean tool called the A3 Problem-Solving Report. The term "A3" represents the paper size historically used for the report (a size roughly equivalent to 11" x 17"). | DevOps Foundation
Acceptance of a Solution | The "A" in the Magic Equation that represents acceptance by stakeholders. | DevOps Leader
Access Management | Granting an authenticated identity access to an authorized resource (e.g., data, service, environment) based on defined criteria (e.g., a mapped role), while preventing an unauthorized identity access to a resource. | DevSecOps Engineering
Access Provisioning | Access provisioning is the process of coordinating the creation of user accounts, e-mail authorizations in the form of rules and roles, and other tasks such as provisioning of physical resources associated with enabling new users to systems or environments. | DevSecOps Engineering
Administration Testing | The purpose of the test is to determine if an End User Test (EUT) is able to process administration tasks as expected. | Continuous Delivery Architecture
Advice Process | Any person making a decision must seek advice from everyone meaningfully affected by the decision and people with expertise in the matter. Advice received must be taken into consideration, though it does not have to be accepted or followed. The objective of the advice process is not to form consensus, but to inform the decision-maker so that they can make the best decision possible. Failure to follow the advice process undermines trust and unnecessarily introduces risk to the business. See: http://reinventingorganizationswiki.com/Decision_Making | DevSecOps Engineering
Agile | A project management method for complex projects that divides tasks into small "sprints" of work with frequent reassessment and adaptation of plans. | Certified Agile Process Owner, Certified Agile Service Manager
Agile (adjective) | Able to move quickly and easily; well-coordinated. Able to think and understand quickly; able to solve problems and have new ideas. | DevOps Foundation, DevSecOps Engineering
Agile Coach | Help teams master Agile development and DevOps practices; enables productive ways of working and collaboration. | DevOps Leader
Agile Enterprise | Fast moving, flexible and robust company capable of rapid response to unexpected challenges, events, and opportunities. | DevOps Foundation, DevSecOps Engineering
Agile Manifesto | A formal proclamation of values and principles to guide an iterative and people-centric approach to software development. http://agilemanifesto.org | DevOps Foundation
Agile Principles | The twelve principles that underpin the Agile Manifesto. | Certified Agile Service Manager
Agile Process Design | The aspect of Agile Service Management (Agile SM) that applies the same Agile approach to process design as developers do to software development. | Certified Agile Service Manager
Agile Process Improvement | The aspect of Agile SM that aligns Agile values with ITSM processes through continuous improvement. | Certified Agile Service Manager
Agile Process Owner | An ITSM or other type of process owner that uses Agile and Scrum principles and practices to design, manage and measure individual processes. | DevOps Foundation
Agile Service Management | Framework that ensures that ITSM processes reflect Agile values and are designed with "just enough" control and structure in order to effectively and efficiently deliver services that facilitate customer outcomes when and how they are needed. | Certified Agile Service Manager
Agile Service Management Artifacts | Process Backlog, Sprint Backlog, Burndown Chart, Process Increment | Certified Agile Process Owner
Agile Service Management Events | Process Planning Meeting (optional), Sprint Planning Meeting, Sprint, Daily Scrum, Sprint Review, Sprint Retrospective | Certified Agile Process Owner
Agile Service Management Roles | Process Owner, Process Improvement Team (Team) and Agile Service Manager. See also Scrum Roles. | Certified Agile Process Owner
Agile Service Manager | The operational equivalent to Dev's ScrumMaster. A role within an IT organization that understands how to leverage Agile and Scrum methods to improve the design, speed and agility of ITSM processes. | DevOps Foundation
Agile Software Development | Group of software development methods in which requirements and solutions evolve through collaboration between self-organizing, cross-functional teams. Usually applied using the Scrum or Scaled Agile Framework approach. | Continuous Delivery Architecture, DevOps Foundation, DevSecOps Engineering
Amazon Web Services (AWS) | Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help businesses scale and grow. | DevSecOps Engineering
Analytics | Test results processed and presented in an organized manner in accordance with analysis methods and criteria. | Continuous Delivery Architecture, DevOps Test Engineering
Andon | A system that gives an assembly line worker the ability, and moreover the empowerment, to stop production when a defect is found, and immediately call for assistance. | Continuous Delivery Architecture
Anti-pattern | A commonly reinvented but poor solution to a problem. | DevOps Foundation
Antifragile | The ability to improve with stress rather than merely resist it. | DevOps Foundation
API testing | The purpose of the test is to determine if an API for an EUT functions as expected. | Continuous Delivery Architecture, DevOps Test Engineering
Application Programming Interface (API) | A set of protocols used to create applications for a specific OS or as an interface between modules or applications. | DevOps Foundation, DevSecOps Engineering
Application Programming Interface (API) Testing | The purpose of the test is to determine if an API for an EUT functions as expected. | Continuous Delivery Architecture
Application Release | Controlled continuous delivery pipeline capabilities including automation (release upon code commit), | Continuous Delivery Architecture
Application Release Automation (ARA) or Orchestration (ARO) | Controlled continuous delivery pipeline capabilities including automation (release upon code commit), environment modeling (end-to-end pipeline stages, and deploy application binaries, packages or other artifacts to target environments) and release coordination (project, calendar and scheduling management, integrate with change control and/or IT service support management). | Continuous Delivery Architecture
Application Test Driven Development (ATDD) | Acceptance Test Driven Development (ATDD) is a practice in which the whole team collaboratively discusses acceptance criteria, with examples, and then distills them into a set of concrete acceptance tests before development begins. | Continuous Delivery Architecture
Application Testing | The purpose of the test is to determine if an application is performing according to its requirements and expected behaviors. | Continuous Delivery Architecture
Application Under Test (AUT) | The EUT is a software application. E.g. Business application is being tested. | Continuous Delivery Architecture, DevOps Test Engineering
Architecture | The fundamental underlying design of computer hardware, software or both in combination. | DevSecOps Engineering
Artifact | Any element in a software development project including documentation, test plans, images, data files and executable modules. | Continuous Delivery Architecture, DevOps Foundation, DevSecOps Engineering
Artifact Repository | Store for binaries, reports and metadata. Example tools include: JFrog Artifactory, Sonatype Nexus. | Continuous Delivery Architecture, DevOps Foundation
Attack path | The chain of weaknesses a threat may exploit to achieve the attacker's objective. For example, an attack path may start by compromising a user's credentials, which are then used in a vulnerable system to escalate privileges, which in turn is used to access a protected database of information, which is copied out to an attacker's own server(s). | DevSecOps Engineering
Authentication | The process of verifying an asserted identity. Authentication can be based on what you know (e.g., password or PIN), what you have (token or one-time code), what you are (biometrics) or contextual information. | DevSecOps Engineering
Authorization | The process of granting roles to users to have access to resources. | DevSecOps Engineering
Autoscaling | The ability to automatically and elastically scale and descale infrastructure depending on traffic and capacity. | Continuous Delivery Architecture
Autoscaling | The ability to automatically and elastically scale and de-scale infrastructure depending on traffic and capacity variations while maintaining control of costs. | Continuous Delivery Architecture
Backlog | Requirements for a system, expressed as a prioritized list of product backlog items usually in the form of 'User Stories'. The product backlog is prioritized by the Product Owner and should include functional, nonfunctional and technical team-generated requirements. | Continuous Delivery Architecture, DevOps Foundation
Basic Security Hygiene | A common set of minimum-security practices that must be applied to all environments without exception. Practices include basic network security (firewalls and monitoring), hardening, vulnerability and patch management, logging and monitoring, basic policies and enforcement (may be implemented under a "policies as code" approach), and identity and access management. | DevSecOps Engineering
Behavior Driven Development (BDD) or BehaviorBased | Test cases are created by simulating an EUT's externally observable inputs, and outputs. Example tool: Cucumber. | Continuous Delivery Architecture
BlackBox | Test case only uses knowledge of externally observable behaviors of an EUT. | Continuous Delivery Architecture, DevOps Test Engineering
Blue/Green Testing or Deployments | Taking software from the final stage of testing to live production using two environments labelled Blue and Green. Once the software is working in the green environment, switch the router so that all incoming requests go to the green environment - the blue one is now idle. | Continuous Delivery Architecture, DevOps Test Engineering
Bug | An error or defect in software that results in an unexpected or system-degrading condition. | DevSecOps Engineering
Bureaucratic Culture | Bureaucratic organizations are likely to use standard channels or procedures which may be insufficient in a crisis (Westrum). | DevOps Leader
Burndown Chart | Chart showing the evolution of remaining effort against time. | Certified Agile Service Manager, DevOps Foundation
Bursting | Public cloud resources are added as needed to temporarily increase the total computing capacity of a private cloud. | Continuous Delivery Architecture
Business Case | Justification for a proposed project or undertaking on the basis of its expected commercial benefit. | DevOps Leader
Business Transformation | Changing how the business functions. Making this a reality means changing culture, processes, and technologies in order to better align everyone around delivering on the organization's mission. | DevSecOps Engineering
Business Value | The benefit of an approach to key business KPIs. | DevOps Leader
Cadence | Flow or rhythm of events. | DevOps Foundation, DevSecOps Engineering
CALMS Model | Considered the pillars or values of DevOps: Culture, Automation, Lean, Measurement, Sharing (as put forth by John Willis, Damon Edwards and Jez Humble). | DevOps Foundation
Canary Testing | A canary (also called a canary test) is a push of code changes to a small number of end users who have not volunteered to test anything. | Continuous Delivery Architecture
Capacity Test | The purpose of the test is to determine if the EUT can handle expected loads such as number of users, number of sessions, aggregate bandwidth. | Continuous Delivery Architecture
CaptureReplay | Test cases are created by capturing live interactions with the EUT, in a format that can be replayed by a tool. E.g. Selenium | Continuous Delivery Architecture, DevOps Test Engineering
Carrots | Positive incentives, for encouraging and rewarding desired behaviors. | DevSecOps Engineering
Change | Addition, modification or removal of anything that could have an effect on IT services. (ITIL® definition) | DevOps Foundation, DevSecOps Engineering
Change Failure Rate | A measure of the percentage of failed/rolled back changes. | Continuous Delivery Architecture, DevOps Foundation
Change Fatigue | A general sense of apathy or passive resignation towards organizational changes by individuals or teams. | DevSecOps Engineering
Change Lead Time | A measure of the time from a request for change to delivery of the change. | DevOps Foundation
Change Management | Process that controls all changes throughout their lifecycle. (ITIL definition) | DevOps Foundation, DevSecOps Engineering
Change Management (Organizational) | An approach to shifting or transitioning individuals, teams & organizations from a current state to a desired future state. Includes the process, tools & techniques to manage the people-side of change to achieve the required business outcome(s). | DevOps Leader
Change-based Test Selection Method | Tests are selected according to a criterion that matches attributes of tests to attributes of the code that is changed in a build. | Continuous Delivery Architecture, DevOps Test Engineering
Chapter Lead | A squad line manager in the Spotify model who is responsible for traditional people management duties, is involved in day to day work and grows individual and chapter competence. | DevOps Leader
Chapters | A small family of people having similar skills and who work within the same general competency area within the same tribe. Chapters meet regularly to discuss challenges and area of expertise in order to promote sharing, skill development, re-use and problem solving. | DevOps Leader
ChatOps | An approach to managing technical and business operations (coined by GitHub) that involves a combination of group chat and integration with DevOps tools. Example tools include: Atlassian HipChat/Stride, Microsoft Teams, Slack. | Continuous Delivery Architecture, DevOps Foundation, DevOps Test Engineering
Checkin | Action of submitting a software change into a system version management system. | Continuous Delivery Architecture, DevOps Test Engineering
CI Regression Test | A subset of regression tests that are run immediately after a software component is built. Same as Smoke Test. | Continuous Delivery Architecture
ClearBox | Same as GlassBox Testing and WhiteBox Testing. | Continuous Delivery Architecture, DevOps Test Engineering
Cloud Computing | The practice of using remote servers hosted on the internet to host applications rather than local servers in a private datacenter. | DevSecOps Engineering
Cloud-Native | Native cloud applications (NCA) are designed for cloud computing. | Continuous Delivery Architecture
Cloudbees | Cloudbees is a commercially supported proprietary automation framework tool which works with and enhances Jenkins by providing enterprise-level support and add-on functionality. | DevOps Test Engineering
Clustering | A group of computers (called nodes or members) work together as a cluster connected through a fast network acting as a single system. | Continuous Delivery Architecture
Code Coverage | A measure of white box test coverage by counting code units that are executed by a test. The code unit may be a code statement, a code branch, or control path or data path through a code module. | Continuous Delivery Architecture, DevOps Test Engineering
Code Repository | A repository where developers can commit and collaborate on their code. It also tracks historical versions and potentially identifies conflicting versions of the same code. Also referred to as "repository" or "repo." | DevSecOps Engineering
Code Review | Software engineers inspect each other's source code to detect coding or code formatting errors. | Continuous Delivery Architecture, DevOps Test Engineering
Collaboration | People jointly working with others towards a common goal. | DevOps Foundation, DevSecOps Engineering
Collaborative Culture | A culture that applies to everyone which incorporates an expected set of behaviors, language and accepted ways of working with each other, reinforced by leadership. | Continuous Delivery Architecture
Compatibility Test | Test with the purpose to determine if an EUT interoperates with another EUT such as peer-to-peer applications or protocols. | Continuous Delivery Architecture, DevOps Test Engineering
Configuration Management | Configuration management (CM) is a systems engineering process for establishing and maintaining consistency of a product's performance, functional, and physical attributes with its requirements, design, and operational information throughout its life. | Continuous Delivery Architecture, DevOps Foundation, DevSecOps Engineering
Conformance Test | The purpose of the test is to determine if an EUT complies with a standard. | Continuous Delivery Architecture, DevOps Test Engineering
Constraint | Limitation or restriction; something that constrains. See also bottleneck. | DevOps Foundation, DevSecOps Engineering
Containers | A way of packaging software into lightweight, stand-alone, executable packages including everything needed to run it (code, runtime, system tools, system libraries, settings) for development, shipment and deployment. | DevOps Foundation, DevSecOps Engineering
Continual Service Improvement (CSI) | One of the ITIL Core publications and a stage of the service lifecycle. | DevOps Foundation
Continuous Delivery (CD) | A methodology that focuses on making sure software is always in a releasable state throughout its lifecycle. | Certified Agile Service Manager, Continuous Delivery Architecture, DevOps Foundation, DevSecOps Engineering, DevOps Test Engineering
Continuous Delivery (CD) Architect | A person who is responsible to guide the implementation and best practices for a continuous delivery pipeline. | Continuous Delivery Architecture
Continuous Delivery Pipeline | A continuous delivery pipeline refers to the series of processes which are performed on product changes in stages. A change is injected at the beginning of the pipeline. A change may be new versions of code, data or images for applications. Each stage processes the artifacts resulting from the prior stage. The last stage results in deployment to production. | Continuous Delivery Architecture, DevOps Foundation Course, DevOps Leader
Continuous Delivery Pipeline Stage | Each process in a continuous delivery pipeline. These are not standard. Examples are Design: determine implementation changes; Creation: implement an unintegrated version of design changes; Integration: merge | Continuous Delivery Architecture
Continuous Deployment | A set of practices that enable every change that passes automated tests to be automatically deployed to production. | DevOps Foundation, DevSecOps Engineering
Continuous Flow | Smoothly moving people or products from the first step of a process to the last with minimal (or no) buffers between steps. | DevOps Foundation, DevSecOps Engineering
Continuous Improvement | Based on Deming's Plan-Do-Check-Act, a model for ensuring ongoing efforts to improve products, processes and services. | DevOps Foundation, DevOps Leader
Continuous Integration (CI) | A development practice that requires developers to merge their code into trunk or master ideally at least daily and perform tests (i.e. unit, integration and acceptance) at every code commit. | Certified Agile Service Manager, Continuous Delivery Architecture, DevOps Foundation, DevOps Test Engineering, DevSecOps Engineering
Continuous Integration Tools | Tools that provide an immediate feedback loop by regularly merging, building and testing code. Example tools include: Atlassian Bamboo, Jenkins, Microsoft VSTS/Azure DevOps, TeamCity. | DevOps Foundation, DevOps Leader
Continuous Monitoring (CM) | This is a class of terms relevant to logging, notifications, alerts, displays and analysis of test results information. | Continuous Delivery Architecture, DevOps Test Engineering
Continuous Testing (CT) | This is a class of terms relevant to testing and verification of an EUT in a DevOps environment. | DevOps Foundation, Continuous Delivery Architecture, DevOps Test Engineering
Conway's Law | Organizations which design systems are constrained to produce designs which are copies of the communication structures of these organizations. | Continuous Delivery Architecture, DevOps Leader
Cooperation vs. Competition | The key cultural value shift toward being highly collaborative and cooperative, and away from internal competitiveness and divisiveness. | DevSecOps Engineering
COTS | Commercial-off-the-shelf solution | Continuous Delivery Architecture, DevOps Test Engineering
Critical Success Factor (CSF) | Something that must happen for an IT service, process, plan, project or other activity to succeed. | Certified Agile Process Owner, Certified Agile Service Manager, DevOps Foundation, DevSecOps Engineering
CSI Register | Vehicle for recording and managing improvement opportunities throughout their lifecycle (Continual Service Improvement). | Certified Agile Service Manager
Cultural Iceberg | A metaphor that visualizes the difference between observable (above the water) and non-observable (below the waterline) elements of culture. | DevOps Leader
Culture (Organizational Culture) | The values and behaviors that contribute to the unique psychosocial environment of an organization. | Continuous Delivery Architecture, DevOps Foundation, DevSecOps Engineering
Current State Map | A form of value stream map that helps you identify how the current process works and where the disconnects are. | DevOps Leader
Cycle Time | A measure of the time from start of work to ready for delivery. | DevOps Foundation, DevSecOps Engineering
Daily Scrum | Daily timeboxed event of 15 minutes or less for the Team to replan the next day of work during a Sprint. | Certified Agile Service Manager, DevOps Foundation
Dashboard | Graphical display of summarized test results. | Continuous Delivery Architecture, DevOps Test Engineering
Defect Density | The number of faults found in a unit. E.g. # defects per KLOC, # defects per change. | Continuous Delivery Architecture, DevOps Test Engineering
Definition of Done | A shared understanding of expectations that the Increment must live up to in order to be releasable into production (Scrum.org) | Certified Agile Process Owner, Certified Agile Service Manager, DevOps Foundation, DevOps Leader
Delivery Cadence | The frequency of deliveries. E.g. # deliveries per day, per week, etc. | Continuous Delivery Architecture, DevOps Test Engineering
Delivery Package | Set of release items (files, images, etc.) that are packaged for deployment. | Continuous Delivery Architecture, DevOps Test Engineering
Deming Cycle | A four-stage cycle for process management, attributed to W. Edwards Deming. Also called Plan-Do-Check-Act (PDCA). | DevOps Foundation, DevSecOps Engineering
Deployment | The installation of a specified version of software to a given environment (e.g., promoting a new build into production). | DevOps Foundation, DevSecOps Engineering
Design for Testability | An EUT is designed with features which enable it to be tested. | Continuous Delivery Architecture, DevOps Test Engineering
Design Principles | Principles for designing, organizing, and managing a DevOps delivery operating model. | DevOps Leader
Dev | Individuals involved in software development activities such as application and software engineers. | DevOps Foundation, DevSecOps Engineering
Developer (Dev) | Individual who has responsibility to develop changes for an EUT. Alternate: Individuals involved in software development activities such as application and software engineers. | Continuous Delivery Architecture, DevOps Test Engineering
Development Test | Ensuring that the developer's test environment is a good representation of the production test environment. | Continuous Delivery Architecture, DevOps Test Engineering
Device Under Test (DUT) | The EUT is a device. E.g. Router or switch is being tested. | Continuous Delivery Architecture, DevOps Test Engineering
DevOps | "A cultural and professional movement that stresses communication, collaboration and integration between software developers and IT operations professionals while automating the process of software delivery and infrastructure changes. It aims at establishing a culture and environment where building, testing, and releasing software, can happen rapidly, frequently, and more reliably." (Source: Wikipedia) | Certified Agile Service Manager, DevOps Foundation, DevSecOps Engineering
DevOps Infrastructure | The entire set of tools and facilities that make up the DevOps system. Includes CI, CT, CM and CD tools. | Continuous Delivery Architecture, DevOps Test Engineering
DevOps Pipeline | The entire set of interconnected processes that make up a DevOps Infrastructure. | Continuous Delivery Architecture, DevOps Test Engineering
DevOps Toolchain | The tools needed to support a DevOps continuous development and delivery cycle from idea to value realisation. | Continuous Delivery Architecture, DevOps Foundation, DevSecOps Engineering, DevOps Test Engineering
DevSecOps | A mindset that "everyone is responsible for security" with the goal of safely distributing security decisions at speed and scale to those who hold the highest level of context without sacrificing the safety required. | Continuous Delivery Architecture, DevOps Foundation, DevSecOps Engineering
Distributed Version Control System (DVCS) | The software revisions are stored in a distributed revision control system (DRCS), also known as a distributed version control system (DVCS). | Continuous Delivery Architecture
DMZ (De-Militarized Zone) | A DMZ in network security parlance is a network zone in between the public internet and internal protected resources. Any application, server, or service (including APIs) that need to be exposed externally are typically placed in a DMZ. It is not uncommon to have multiple DMZs in parallel. | DevSecOps Engineering
Dynamic Analysis The purpose of the test is to determine the performance characteristics of an EUT such Continuous Delivery
as timing of specific Architecture, DevOps Test
Engineering

Dynamic Application A type of testing that runs against built code to test exposed interfaces. DevSecOps Engineering
Security Testing (DAST)

EggPlant Automated function and regression testing of enterprise applications. Licensed by Test DevOps Test Engineering
Plant.

Elastic Infrastructure Continuous Delivery


Architecture

Elevator Pitch A short summary used to quickly and simply define a process, product, service, Certified Agile Process
organization, or event and its value proposition. Owner

Empirical Process Process control model in which decisions are made based on observation and Certified Agile Process
Control experimentation (rather than on detailed upfront planning) and decisions are based on Owner
what is known.

Entity Under Test (EUT) This is a class of terms which refers to names of types of entities that are being tested. Continuous Delivery
These terms are often abbreviated to the form xUT where "x" represents a type of Architecture, DevOps Test
entity under test. These objects may be Engineering

Epic Large user story. Certified Agile Process


Owner

Erickson (Stages of Erik Erikson (1950, 1963) proposed a psychoanalytic theory of psychosocial DevSecOps Engineering
Psychosocial development comprising eight stages from infancy to adulthood. During each stage,
Development) the person experiences a psychosocial crisis which could have a positive or negative
outcome for personality development.

Fail Early A DevOps tenet referring to the preference to find critical problems as early as possible Continuous Delivery
in a development and delivery pipeline. Architecture, DevOps Test
Engineering

Fail Often A DevOps tenet which emphasizes a preference to find critical problems as fast as Continuous Delivery
possible and therefore frequently. Architecture, DevOps Test
Engineering

Failure Rate Fail verdicts per unit of time. DevOps Foundation,


Continuous Delivery
Architecture, DevOps Test
Engineering

False Negative A test incorrectly reports a verdict of "fail" when the EUT actually passed the purpose Continuous Delivery
of the test. Architecture, DevOps Test
Engineering

False Positive A test incorrectly reports a verdict of "pass" when the EUT actually failed the purpose Continuous Delivery
of the test. Architecture, DevOps Test
Engineering

Feature Toggle The practice of using software switches to hide or activate features. This enables DevOps Foundation,
continuous integration and testing a feature with selected stakeholders. Continuous Delivery
Architecture, DevOps Test
Engineering

Federated Identity A central identity used for access to a wide range of applications, systems, and DevSecOps Engineering
services, but with a particular skew toward web-based applications. Also, often
referenced as Identity-as-a-Service (IDaas). Any identity that can be reused across
multiple sites, particularly via SAML or OAuth authentication mechanisms.

Flow How people, products or information move through a process. Flow is the first way of DevOps Foundation,
The Three Ways. DevSecOps Engineering

Flow of Value A form of map that shows the end-to-end value stream. This view is usually not DevOps Leader
available within the enterprise.

Framework Backbone for plugging in tools. Launches automated tasks, collects results from Continuous Delivery
automated tasks. Architecture, DevOps Test
Engineering

Freedom and A core cultural value that with the freedom of self-management (such as afforded by DevSecOps Engineering
Responsibility DevOps) comes the responsibility to be diligent, to follow the advice process and to
take ownership of both successes and failures.

Frequency How often an application is released. DevOps Leader

Future State Map A form of value stream map that helps you develop and communicate what the target DevOps Leader
end state should look like and how to tackle the necessary changes

Fuzzing Fuzzing or fuzz testing is an automated software testing practice that inputs invalid, DevSecOps Engineering
unexpected, or random data into applications.

Gains from accelerated A formula for calculating revenue gains from accelerated time to market of new DevOps Leader
time to market of new functionality. GTM = [Revenue Increase estimation] x [Revenue per year]
functionality (GTM)

Gains from Cost A formula for calculating gains from cost reduction of application failures. GQL = DevOps Leader
Reduction of Application [Failures per Year] x [Average minutes to recover difference] x [Revenue per minute]
Failures (GQL)

Gains from Enhanced A formula for calculating gains from enhanced IT team productivity. GHC = [IT Average DevOps Leader
IT Team Productivity Salary] x [IT Staff headcount] x [% Saving Hours per Week per Person]
(GHC)

Gated Commits Define and obtain consensus on the criteria for changes promoted between all CD Continuous Delivery
pipeline stages such as: Dev to CI stage / CI to packaging / delivery stage / Delivery to Architecture
Deployment/Production stage

Generative (DevOps) In a generative organization alignment takes place through identification with the DevOps Leader
Culture mission. The individual "buys into" what he or she is supposed to do and its effect on
the outcome. Generative organizations tend to be proactive in getting the information to
the right people by any means necessary. (Westrum)

Generativity A cultural view wherein long-term outcomes are of primary focus, which in turn drives DevSecOps Engineering
investments and cooperation that enable an organization to achieve those outcomes.

GlassBox Same as ClearBox Testing and WhiteBox Testing. Continuous Delivery
Architecture, DevOps Test
Engineering

Global Process Owner Process Owner who oversees a single, global process. A Global Process Owner (who Certified Agile Process
may reside in a SMO) may oversee one or more Regional Process Managers. Owner

Goal-seeking tests The purpose of the test is to determine an EUT's performance boundaries, using Continuous Delivery
incremental stresses until the EUT reaches peak performance. E.g. determine the Architecture, DevOps Test
maximum throughput that can be handled without errors. Engineering

Golden Circle A model by Simon Sinek that emphasizes an understanding of the business' "why" DevOps Foundation
before focusing on the "what" and "how".

Golden Image A template for a virtual machine (VM), virtual desktop, server or hard disk drive. DevSecOps Engineering
(TechTarget)

Governance, Risk A software platform intended for concentrating governance, compliance and risk DevSecOps Engineering
Management and management data, including policies, compliance requirements, vulnerability data, and
Compliance (GRC) sometimes asset inventory, business continuity plans, etc. In essence, a specialized
document and data repository for security governance. Or a team of people who
specialize in IT/security governance, risk management and compliance activities. Most
often non-technical business analyst resources.

GrayBox Test cases use a limited knowledge of the internal design structure of the EUT. Continuous Delivery
Architecture, DevOps Test
Engineering

GUI testing The purpose of the test is to determine if the graphical user interface operates as Continuous Delivery
expected. Architecture, DevOps Test
Engineering

Guilds A "community of interest" group that welcomes anyone and usually cuts across an DevOps Foundation,
entire organization. Similar to a Community of Practice. DevOps Leader

Hand Offs The procedure for transferring the responsibility of a particular task from one individual DevOps Foundation,
or team to another. DevOps Leader

Hardening Securing a server or infrastructure environment by removing or disabling unnecessary DevSecOps Engineering
software, updating to known good versions of the operating system, restricting
network-level access to only that which is needed, configuring logging in order to
capture alerts, configuring appropriate access management and installing appropriate
security tools.

High-Trust Culture Organizations with a high-trust culture encourage good information flow, DevOps Foundation
cross-functional collaboration, shared responsibilities, learning from failures and new
ideas.

Horizontal Scaling Computing resources are scaled wider to increase the volume of processing. E.g. Add Continuous Delivery
more computers and run more tasks in parallel. Architecture, DevOps Test
Engineering

Idempotent CM tools (e.g., Puppet, Chef, Ansible, and Salt) claim that they are 'idempotent' by Continuous Delivery
allowing the desired state of a server to be defined as code or declarations and Architecture
automating the steps necessary to consistently achieve the defined state time after time.

Identity The unique name of a person, device, or the combination of both that is recognized by DevSecOps Engineering
a digital system. Also referred to as an "account" or "user."

Identity and Access Policies, procedures and tools for ensuring the right people have the right access to DevSecOps Engineering
Management (IAM) technology resources.

Identity as a Service Identity and access management services that are offered through the cloud or on a DevSecOps Engineering
(IDaaS) subscription basis.

Image-based test Build images are pre-assigned test cases. Test cases are selected for a build by Continuous Delivery
selection method matching the image changes resulting from a build. Architecture, DevOps Test
Engineering

Immersive learning A learning approach that guides teams with coaching and practice to help them learn to DevOps Leader
work in a new way.

Immutable An immutable object is an object whose state cannot be modified after it is created. Continuous Delivery
The antonym is a mutable object, which can be modified after it is created. Architecture

Immutable Instead of instantiating an instance (server, container, etc.), with error-prone, Continuous Delivery
Infrastructures time-consuming patches and upgrades (i.e. mutations), replace it with another instance Architecture
to introduce changes or ensure proper behavior.

Impediment Anything that prevents a team member from performing work as efficiently as possible. Certified Agile Process
Owner, Certified Agile
Service Manager, DevOps
Foundation

Impediment (Scrum) Anything that prevents a team member from performing work as efficiently as possible. Agile Service
Management, DevOps
Foundation

Implementation Under The EUT is a software implementation. E.g. Embedded program is being tested. Continuous Delivery
Test Architecture, DevOps Test
Engineering

Improvement Kata A structured way to create a culture of continuous learning and improvement. (In DevOps Foundation
Japanese business, Kata is the idea of doing things the "correct" way. An
organization's culture can be characterized as its Kata through its consistent role
modeling, teaching and coaching.)

Incentive model A system designed to motivate people to complete tasks toward achieving objectives. DevSecOps Engineering
The system may employ either positive or negative consequences for motivation.

Incident Any unplanned interruption to an IT service or reduction in the quality of an IT service. DevOps Foundation,
Includes events that disrupt or could disrupt the service. (ITIL definition) DevSecOps Engineering

Incident Management Process that restores normal service operation as quickly as possible to minimize DevOps Foundation,
business impact and ensure that agreed levels of service quality are maintained. (ITIL DevSecOps Engineering
definition)

Incident Response "[An] organized approach to addressing and managing the aftermath of a security DevSecOps Engineering
breach or attack (also known as an incident). The goal is to handle the situation in a
way that limits damage and reduces recovery time and costs."
http://searchsecurity.techtarget.com/definition/incident-response

Increment Potentially shippable completed work that is the outcome of a Sprint. Certified Agile Service
Manager, DevOps
Foundation

Infrastructure All of the hardware, software, networks, facilities, etc., required to develop, test, deliver, DevOps Foundation,
monitor and control or support IT services. The term IT infrastructure includes all of the DevSecOps Engineering
information technology but not the associated people, processes and documentation.
(ITIL definition)

Infrastructure as Code The practice of using code (scripts) to configure and manage infrastructure. DevOps Foundation,
DevSecOps Engineering

Infrastructure test The purpose of the test is to verify the framework for EUT operating. E.g. verify specific Continuous Delivery
operating system Architecture

Infrastructure test The purpose of the test is to verify the framework for EUT operating. E.g. verify specific DevOps Test Engineering
operating system utilities function as expected in the target environment.

Infrastructure-as-a-Service On-demand access to a shared pool of configurable computing resources Continuous Delivery
(IaaS) Architecture, DevOps Test
Engineering

Integrated development An integrated development environment (IDE) is a software suite that consolidates the DevSecOps Engineering
environment (IDE) basic tools developers need to write and test software. Typically, an IDE contains a
code editor, a compiler or interpreter and a debugger that the developer accesses
through a single graphical user interface (GUI). An IDE may be a standalone
application, or it may be included as part of one or more existing and compatible
applications. (TechTarget)

Integrated development Linting is the process of running a program that will analyze code for potential errors DevSecOps Engineering
environment (IDE) 'lint' (e.g., formatting discrepancies, non-adherence to coding standards and conventions,
checks logical errors).

Internet of Things A network of physical devices that connect to the internet and potentially to each other DevOps Foundation,
through web-based wireless services. DevSecOps Engineering

INVEST A mnemonic created by Bill Wake as a reminder of the characteristics of a quality Certified Agile Service
user story. Manager

ISO 31000 A family of standards that provide principles and generic guidelines on risk DevSecOps Engineering
management.

ISO/IEC 20000 International standard for IT service management. ISO/IEC 20000 is used to audit and DevOps Foundation
certify service management capabilities.

Issue Management A process for capturing, tracking, and resolving bugs and issues throughout the DevSecOps Engineering
software development lifecycle.

IT Infrastructure Library Set of best practice publications for IT service management. Published in a series of Certified Agile Process
(ITIL) five core books representing the stages of the IT service lifecycle which are: Service Owner
Strategy, Service Design, Service Transition, Service Operation and Continual Service
Improvement.

IT Service A service provided to a customer from an IT organization. DevOps Foundation

IT Service Management Implementation and management of quality IT services that meet the needs of the Certified Agile Process
(ITSM) business. (ITIL definition) Owner

iTest Tool licensed by Spirent Communications for creating automated test cases. DevOps Test Engineering

ITIL Set of best practice publications for IT service management. Published in a series of Certified Agile Service
five core books representing the stages of the IT service lifecycle which are: Service Manager, DevOps
Strategy, Service Design, Service Transition, Service Operation and Continual Service Foundation
Improvement.

Jenkins Jenkins is a freeware tool. It is the most popular master automation framework tool, Continuous Delivery
especially for continuous integration task automation. Jenkins task automation centers Architecture
around timed processes. Many test tools and other tools offer plugins to simplify
integration with Jenkins. Reference

Jenkins Jenkins is a freeware tool. It is the most popular master automation framework tool, DevOps Test Engineering
especially for continuous integration task automation. Jenkins task automation centers
around timed processes. Many test tools and other tools offer plugins to simplify
integration with Jenkins. Reference jenkins.org

Kaizen The practice of continuous improvement. DevOps Foundation

Kanban Method of work that pulls the flow of work through a process at a manageable pace. Certified Agile Service
Manager, DevOps
Foundation

Kanban Board Tool that helps teams organize, visualize and manage work. DevOps Foundation

Key Metrics Something that is measured and reported upon to help manage a process, IT service DevOps Leader
or activity.

Key Performance Key metric used to measure the achievement of critical success factors. KPIs underpin Certified Agile Process
Indicator critical success factors and are measured as a percentage. Owner, Certified Agile
Service Manager

Key Performance Key metric used to measure the achievement of critical success factors. KPIs underpin Certified Agile Service
Indicator (KPI) critical success factors and are measured as a percentage. (ITIL definition) Manager, DevOps
Foundation

KeywordsBased Test cases are created using predefined names that reference programs useful for Continuous Delivery
testing. Architecture, DevOps Test
Engineering

Knowledge Process that ensures the right information is delivered to the right place or person at DevSecOps Engineering
Management the right time to enable an informed decision.

Knowledge Process that ensures the right information is delivered to the right place or person at DevOps Foundation
Management the right time to enable an informed decision.

Known Error Problem with a documented root cause and a workaround. (ITIL definition) DevOps Foundation,
DevSecOps Engineering

Kubler-Ross Change Describes and predicts the stages of personal and organizational reaction to major DevOps Foundation
Curve changes.

Lab-as-a-Service (LaaS) Category of cloud computing services that provides a laboratory allowing customers to Continuous Delivery
test applications without the complexity of building and maintaining the lab Architecture, DevOps Test
infrastructure Engineering

Laloux (Culture Models) Frederic Laloux created a model for understanding organizational culture. DevSecOps Engineering

Lean Production philosophy that focuses on reducing waste and improving the flow of DevOps Leader
processes to improve overall customer value.

Lean (adjective) Spare, economical. Lacking richness or abundance. DevOps Foundation,
DevSecOps Engineering

Lean (production) Production philosophy that focuses on reducing waste and improving the flow of DevOps Foundation,
processes to improve overall customer value. DevSecOps Engineering

Lean 1/4-2-20 rule For every quartering of the total completion time, productivity will double, and cost will DevOps Leader
be reduced by 20%.

Lean Enterprise Organization that strategically applies the key ideas behind lean production across the DevOps Foundation,
enterprise. DevSecOps Engineering

Lean IT Applying the key ideas behind lean production to the development and management of DevOps Foundation,
IT products and services. DevSecOps Engineering

Lean Manufacturing Lean production philosophy derived mostly from the Toyota Production System. DevOps Foundation,
DevSecOps Engineering

Lean Six Sigma Management approach that combines the concepts of Lean Manufacturing and Six Certified Agile Process
Sigma by removing 'waste' and reducing 'defects.' Owner

Lean Startup A system for developing a business or product in the most efficient way possible to DevOps Leader
reduce the risk of failure.

Lean Thinking The goal of lean thinking is to create more value for customers with fewer resources Certified Agile Service
and less waste. Waste is considered any activity that does not add value to the Manager
process.

LoadRunner Tool used to test applications, measuring system behavior and performance under Continuous Delivery
load. Licensed by HP Architecture, DevOps Test
Engineering

Log Serialized report of details such as test activities and EUT console logs. Continuous Delivery
Architecture, DevOps Test
Engineering

Log Management "The collective processes and policies used to administer and facilitate the DevSecOps Engineering
generation, transmission, analysis, storage, archiving and ultimate disposal of the large
volumes of log data created within an information system."
http://searchitoperations.techtarget.com/definition/log-management

Longevity Test The purpose of the test is to determine if a complete system performs as expected Continuous Delivery
over an extended period of time Architecture, DevOps Test
Engineering

Machine Learning Data analysis that uses algorithms that learn from data. DevOps Foundation

Magic Equation A change effectiveness formula adapted from GE's Change Acceleration Program for DevOps Leader
DevOps. (D)evOps = (Q)uality of a solution times (A)cceptance of the strategy (D = Q x A)

Many-factor The practice of using at least 2 factors for authentication. The two factors can be of the DevSecOps Engineering
Authentication same class.

Mean Time Between Used to measure deployment frequency. DevOps Foundation,
Deploys DevSecOps Engineering

Mean Time Between Average time that a CI or IT service can perform its agreed function without DevOps Foundation,
Failures (MTBF) interruption. Often used to measure reliability. Measured from when the CI or service DevSecOps Engineering
starts working, until the time it fails (uptime). (ITIL definition)

Mean Time to Detect Average time required to detect a failed component or device. Continuous Delivery
Defects (MTTD) Architecture, DevOps
Foundation, DevSecOps
Engineering

Mean Time to Detect Average time required to detect a failed component or device. DevOps Foundation,
Incidents (MTTD) DevSecOps Engineering

Mean time to Discovery How long a vulnerability or software bug/defect exists before it's identified. DevSecOps Engineering

Mean time to Patch How long it takes to apply patches to environments once a vulnerability has been DevSecOps Engineering
identified.

Mean Time to Repair Average time required to repair a failed component or device. MTTR does not include DevOps Foundation,
(MTTR) the time required to recover or restore service. DevSecOps Engineering

Mean time to Resolution How long it takes for a production-impacting issue to be resolved. DevSecOps Engineering

Mean Time to Restore Used to measure time from when the CI or IT service fails until it is fully restored and DevOps Foundation,
Service (MTRS) delivering its normal functionality (downtime). Often used to measure maintainability. DevSecOps Engineering
(ITIL definition)

Merge Action of integrating software changes together into a software version management Continuous Delivery
system. Architecture, DevOps Test
Engineering

Metric Something that is measured and reported upon to help manage a process, IT service DevOps Foundation,
or activity. DevSecOps Engineering

Metrics This is a class of terms relevant to measurements used to monitor the health of a Continuous Delivery
product or infrastructure Architecture, DevOps Test
Engineering

Microservices A software architecture that is composed of smaller modules that interact through APIs DevOps Foundation
and can be updated without affecting the entire system.

Minimum Critical Activities that must be performed to provide evidence of compliance with a given Certified Agile Process
Activities process. Owner

Minimum Viable Most minimal version of a product that can be released and still provide enough value Certified Agile Service
Product that people are willing to use it. Manager, DevOps
Foundation

Mock Object Mock is a method/object that simulates the behavior of a real method/object in Continuous Delivery
controlled ways. Mock objects are used in unit testing. Often a method under a test Architecture, DevOps Test
calls other external services or methods within it. These are called dependencies. Engineering

Model Representation of a system, process, IT service, CI, etc. that is used to help DevSecOps Engineering
understand or predict future behavior. In the context of processes, models represent
pre-defined steps for handling specific types of transactions.

ModelBased Test cases are automatically derived from a model of the entity under test. Example Continuous Delivery
tool: Tricentis Architecture, DevOps Test
Engineering

Monitoring Tools Tools that allow IT organizations to identify specific issues of specific releases and to DevOps Leader
understand the impact on end-users.

Monolithic A software system is called "monolithic" if it has a monolithic architecture, in which Continuous Delivery
functionally distinguishable aspects (for example data input and output, data Architecture
processing, error handling, and the user interface) are all interwoven, rather than
containing architecturally separate components.

Multi-factor The practice of using 2 or more factors for authentication. Often used synonymously DevSecOps Engineering
Authentication with 2-factor Authentication.

Multicloud Multicloud DevOps solutions provide on-demand multi-tenant access to development Continuous Delivery
and test Architecture

Non-functional Requirements that specify criteria that can be used to judge the operation of a system, DevOps Foundation
requirements rather than specific behaviors or functions (e.g., availability, reliability, maintainability,
supportability); qualities of a system.

Object Under Test The EUT is a software object or class of objects. Continuous Delivery
(OUT) Architecture, DevOps Test
Engineering

Objective An aim or goal of a process. Certified Agile Process
Owner

Open Source Software that is distributed with its source code so that end user organizations and DevOps Foundation,
vendors can modify it for their own purposes. DevSecOps Engineering

Operational Level Agreement between an IT service provider and another part of the same organization. Certified Agile Process
Agreement (ITIL definition) Owner

Operations (Ops) Individuals involved in the daily operational activities needed to deploy and manage Continuous Delivery
systems and services such as quality assurance analysts, release managers, system Architecture
and network administrators, information security officers, IT operations specialists and
service desk analysts.

Operations Function that performs the daily activities needed to deliver and support IT services DevSecOps Engineering
Management and the supporting IT infrastructure at the agreed levels. (ITIL)

Ops Individuals involved in the daily operational activities needed to deploy and manage DevOps Foundation,
systems and services such as quality assurance analysts, release managers, system DevSecOps Engineering
and network administrators, information security officers, IT operations specialists and
service desk analysts.

Orchestration An approach to building automation that interfaces or "orchestrates" multiple tools DevOps Foundation,
together to form a toolchain. DevSecOps Engineering

Organization Culture A system of shared values, assumptions, beliefs, and norms that unite the members of DevOps Leader
an organization.

Organization Model For DevOps, an approach that models Spotify's Squad approach for organizing IT. DevOps Leader

Organizational Change Efforts to adapt the behavior of humans within an organization to meet new structures, DevOps Foundation,
processes or requirements. DevSecOps Engineering

OS Virtualization A method for splitting a server into multiple partitions called "containers" or "virtual DevOps Foundation
environments" in order to prevent applications from interfering with each other.

Outcome Intended or actual results. DevOps Foundation,
DevSecOps Engineering

Output Deliverable produced by a process activity (e.g., information, plans, documents, Certified Agile Process
records, reports and so forth). Owner

Patch A software update designed to address (mitigate/remediate) a bug or weakness. DevSecOps Engineering

Patch management The process of identifying and implementing patches. DevSecOps Engineering

Pathological Culture Pathological cultures tend to view information as a personal resource, to be used in DevOps Leader
political power struggles (Westrum)

Penetration Testing, or From Wikipedia: "an authorized simulated attack on a computer system that looks for DevSecOps Engineering
Pentesting security weaknesses, potentially gaining access to the system's features and data."
https://en.wikipedia.org/wiki/Penetration_test It should be noted that pentesting is
distinctly different from vulnerability scanning (vuln scanning), though a vuln scan may
be performed during a pentest engagement. Sometimes also referred to as "red
teaming" or "tiger teaming," though this isn't necessarily correct. Red teams or tiger
teams are designed to model specific threats rather than the broader pentesting
objective of looking for as many weaknesses as possible.

People Changes Focuses on changing attitudes, behaviors, skills, or performance of employees DevOps Leader

Performance Test The purpose of the test is to determine if an EUT meets its system performance criterion Continuous Delivery
or to determine what a system's performance capabilities are. Architecture, DevOps Test
Engineering

Plan Formal, approved document that describes the capabilities and resources needed to Certified Agile Process
achieve a result. Owner

Plan-Do-Check-Act A four-stage cycle for process management and improvement attributed to W. Edwards Certified Agile Process
Deming. Sometimes called the Deming Cycle or PDCA. Owner, Certified Agile
Service Manager

Plan-Do-Check-Act Four-stage cycle for process management, attributed to W. Edwards Deming. Also Certified Agile Service
(PDCA) known as the Deming Cycle. Manager, DevOps
Foundation, DevSecOps
Engineering

Platform-as-a-Service Category of cloud computing services that provides a platform allowing customers to Continuous Delivery
(PaaS) develop, run, and manage applications without the complexity of building and Architecture, DevOps Test
maintaining the infrastructure Engineering

Plugin A preprogrammed integration between an Orchestration tool and other tools. For Continuous Delivery
example, many tools offer plugins to integrate with Jenkins. Architecture, DevOps Test
Engineering

Policies Formal documents that define boundaries in terms of what the organization may or DevOps Foundation,
may not do as part of its operations. DevSecOps Engineering

Policy Formal document that describes the overall intentions and direction of a service Certified Agile Process
provider, as expressed by senior management. Owner

Policy as Code The notion that security principles and concepts can be articulated in code (e.g., DevSecOps Engineering
software, configuration management, automation) to a sufficient degree that the need
for an extensive traditional policy framework is greatly reduced. Standards and
guidelines should be implemented in code and configuration, automatically enforced
and automatically reported on in terms of compliance, variance or suspected violations.

Post Implementation A review that takes place after a change or a project has been implemented that Certified Agile Service
Review assesses whether the change was successful and opportunities for improvement. Manager

Post Implementation Review that takes place after a change or a project has been implemented that Certified Agile Service
Review (PIR) assesses whether the change was successful and opportunities for improvement. Manager, DevOps
Foundation

Potentially Shippable Increment of work that is "done" and capable of being released if it makes sense to do Certified Agile Service
Product so. Manager, DevOps
Foundation

PreFlight This is a class of terms which refers to names of activities and processes that are Continuous Delivery
conducted on an EUT prior to integration into the trunk branch. Architecture, DevOps Test
Engineering

Priority The relative importance of an incident, problem or change; based on impact and DevOps Foundation,
urgency. (ITIL definition) DevSecOps Engineering

Privileged Access Technologies that help organizations provide secured privileged access to critical DevSecOps Engineering
Management (PAM) assets and meet compliance requirements by securing, managing and monitoring
privileged accounts and access. (Gartner)

Problem The underlying cause of one or more incidents. (ITIL definition) DevOps Foundation,
DevSecOps Engineering

Procedure Step-by-step instructions that describe how to perform the activities in a process. Certified Agile Service
Manager

Process Structured set of activities designed to accomplish a specific objective. A process takes Certified Agile Service
inputs and turns them into defined outputs. Related work activities that take specific Manager, DevOps
inputs and produce specific outputs that are of value to a customer. Foundation, DevSecOps
Engineering

Process Backlog Prioritized list of everything that needs to be designed or improved for a process Certified Agile Service
including current and future requirements. Manager

Process Changes Focuses on changes to standard IT process, such as software development practices, DevOps Leader
ITIL processes, change management, approvals etc.

Process Customer Recipient of a process' output. Certified Agile Service
Manager

Process Improvement Team of individuals that designs or redesigns a process and determines how best to Certified Agile Process
Team implement the new process across the organization. Owner

Process Manager Individual responsible for operational (day-to-day) management of a process. Certified Agile Process
Owner

Process Owner Role accountable for the overall quality of a process. May be assigned to the same DevOps Foundation,
person who carries out the Process Manager role, but the two roles may be separate in DevSecOps Engineering,
larger organizations. (ITIL definition) Certified Agile Service
Manager

Process Owner Person accountable for the overall quality of a process and the owner of the Process Certified Agile Service
Backlog. Manager

Process Planning A high-level event to define the goals, objectives, inputs, outcomes, activities, Certified Agile Service
Meeting stakeholders, tools and other aspects of a process. This meeting is not timeboxed. Manager

Process Supplier Creator of process input. Certified Agile Service
Manager

Processing Time The period during which one or more inputs are transformed into a finished product by DevOps Leader
a manufacturing or development procedure. (Business Dictionary)

Product Backlog Prioritized list of functional and non-functional requirements for a system usually Certified Agile Process
expressed as user stories. Owner

Product Backlog Requirements for a system, expressed as a prioritized list of product backlog items. Certified Agile Service
(Scrum) The product backlog is prioritized by the Product Owner and includes functional, Manager, DevOps
non-functional and technical team-generated requirements. Foundation

Product Backlog Ongoing process of adding detail, estimates and order to backlog items. Sometimes Certified Agile Service
Refinement referred to as Product Backlog grooming. Manager

Product Owner An individual responsible for maximizing the value of a product and for managing the Certified Agile Process
product backlog. Prioritizes, grooms, and owns the backlog. Gives the squad purpose. Owner, Certified Agile
Service Manager, DevOps
Leader

Product Owner (Scrum) An individual responsible for maximizing the value of a product and for managing the Certified Agile Service
product backlog. Manager, DevOps
Foundation

Programming-Based Test cases are created by writing code in a programming language. E.g. JavaScript, Continuous Delivery
Python, TCL, Ruby Architecture, DevOps Test
Engineering

Project Temporary endeavor undertaken to create a unique product, service or result. Certified Agile Process
Owner

Provision Platforms Tools that provide platforms for provisioning infrastructure (e.g., Puppet, Chef, Salt) DevOps Leader

QTP Quick Test Professional is a functional and regression test automation tool for software DevOps Test Engineering
applications. Licensed by HP

Quality of the Solution The "Q" in the Magic Equation that represents quality. DevOps Leader

RACI Matrix Maps roles and responsibilities to the activities of a process or project. Certified Agile Process
Owner

Ranorex GUI test automation framework for testing of desktop, web-based and mobile DevOps Test Engineering
applications. Licensed by Ranorex

Regression testing The purpose of the test is to determine if a new version of an EUT has broken Continuous Delivery
something that worked previously Architecture, DevOps Test
Engineering

Regulatory compliance The purpose of the test is to determine if an EUT conforms to specific regulatory DevOps Test Engineering
requirements. E.g. verify an EUT

Regulatory compliance The purpose of the test is to determine if an EUT conforms to specific regulatory Continuous Delivery
testing requirements. E.g. verify an EUT satisfies government regulations for consumer credit Architecture
card processing.

Release Software that is built, tested and deployed into the production environment. Continuous Delivery
Architecture, DevOps
Foundation, DevSecOps
Engineering

Release Acceptance Measurable attributes for a release package which determine whether a release Continuous Delivery
Criterion candidate is acceptable for deployment to customers. Architecture, DevOps Test
Engineering

Release Candidate A release package that has been prepared for deployment, may or may not have Continuous Delivery
passed the Release Architecture, DevOps Test
Engineering

Release Management Process that manages releases and underpins Continuous Delivery and the DevOps Foundation,
Deployment Pipeline. DevSecOps Engineering

Release Planning Timeboxed event that establishes the goals, risks, features, functionality, delivery date Certified Agile Service
Meeting and cost of a release. It also includes prioritizing the Product Backlog. Manager

Release Planning Event that establishes the goals, risks, features, functionality, delivery date and cost of Certified Agile Process
Meeting (Scrum) a release. Also includes prioritizing the Product Backlog. This meeting is optional and Owner
is not time-boxed.

Relevance A Continuous Testing tenet which emphasizes a preference to focus on the most Continuous Delivery
important tests and test results Architecture, DevOps Test
Engineering

Reliability Measure of how long a service, component or CI can perform its agreed function DevOps Foundation,
without interruption. Usually measured as MTBF or MTBSI. (ITIL definition) DevSecOps Engineering

Reliability Test The purpose of the test is to determine if a complete system performs as expected Continuous Delivery
under stressful and loaded conditions over an extended period of time. Architecture, DevOps Test
Engineering

Remediation Action to resolve a problem found during DevOps processes. E.g. Rollback changes Continuous Delivery
for an EUT change that resulted in a CT test case fail verdict. Architecture, DevOps Test
Engineering

Remediation Plan Plan that determines the actions to take after a failed change or release. (ITIL DevOps Foundation,
definition) DevSecOps Engineering

Request for Change Formal proposal to make a change. The term RFC is often misused to mean a change DevOps Foundation
(RFC) record, or the change itself. (ITIL definition)

Resilience Building an environment or organization that is tolerant to change and incidents. DevSecOps Engineering

Responsibilities DevOps Test Engineering

REST Representational State Transfer. Software architecture style of the World Wide Web. Continuous Delivery
Architecture, DevOps Test
Engineering

Restful API Representational state transfer (REST) or RESTful services on a network, such as Continuous Delivery
HTTP, provide scalable interoperability for requesting systems to quickly and reliably Architecture
access and manipulate textual representations (XML, HTML, JSON) of resources using
stateless operations (GET, POST, PUT, DELETE, etc.).

RESTful interface The purpose of the test is to determine if an API satisfies its design criterion and the Continuous Delivery
testing expectations of the REST architecture. Architecture, DevOps Test
Engineering

Return on Investment Difference between the benefit achieved and the cost to achieve that benefit, DevOps Foundation,
(ROI) expressed as a percentage. DevSecOps Engineering

Rework The time and effort required to correct defects (waste). DevOps Leader

Risk Possible event that could cause harm or loss or affect an organization's ability to DevOps Foundation,
achieve its objectives. The management of risk consists of three activities: identifying DevSecOps Engineering
risks, analyzing risks and managing risks. The probable frequency and probable
magnitude of future loss. Pertains to a possible event that could cause harm or loss or
affect an organization's ability to execute or achieve its objectives.

Risk Event Possible event that could cause harm or loss or affect an organization's ability to DevOps Leader
achieve its objectives. The management of risk consists of three activities: identifying
risks, analyzing risks and managing risks.

Risk management The process by which "risk" is contextualized, assessed, and treated. From ISO 31000: DevSecOps Engineering
process 1) Establish context, 2) Assess risk, 3) Treat risk (remediate, reduce or accept).

Robot Framework TDD framework created and supported by Google. Continuous Delivery
Architecture, DevOps Test
Engineering

Role Set of responsibilities, activities and authorities granted to a person or team. A role is DevOps Foundation,
defined by a process. One person or team may have multiple roles. A set of DevSecOps Engineering
permissions assigned to a user or group of users to allow a user to perform actions
within a system or application.

Role-based Access An approach to restricting system access to authorized users. DevSecOps Engineering
Control (RBAC) https://en.wikipedia.org/wiki/Role-based_access_control

Rollback Software changes which have been integrated are removed from the integration. Continuous Delivery
Architecture, DevOps Test
Engineering

Root Cause Analysis Actions taken to identify the underlying cause of a problem or incident. DevOps Foundation,
(RCA) DevSecOps Engineering

Rugged Development Rugged Development (DevOps) is a method that includes security practices as early in DevOps Foundation
(DevOps) the continuous delivery pipeline as possible to increase cybersecurity, speed, and
quality of releases beyond what DevOps practices can yield alone.

Rugged DevOps Rugged DevOps is a method that includes security practices as early in the continuous Continuous Delivery
delivery pipeline as possible to increase cybersecurity, speed, and quality of releases Architecture, DevOps Test
beyond what DevOps practices can yield alone. Engineering

Sanity Test A very basic set of tests that determine if a software is functional at all. Continuous Delivery
Architecture, DevOps Test
Engineering

Scaled Agile A proven, publicly available, framework for applying Lean-Agile principles and practices DevOps Foundation
Framework (SAFe) at an enterprise scale.

Scheduling The process of planning to release changes into production. DevOps Leader

Scrum A simple framework for effective team collaboration on complex projects. Scrum Certified Agile Service
provides a small set of rules that create "just enough" structure for teams to be able to Manager, DevOps
focus their innovation on solving what might otherwise be an insurmountable Foundation
challenge. (Scrum.org)

Scrum Artifacts Product Backlog, Sprint Backlog, Burndown Chart, Product Increment Certified Agile Process
Owner

Scrum Components Scrum's roles, events, artifacts and the rules that bind them together. Certified Agile Service
Manager

Scrum Events Release Planning Meeting (optional), Sprint Planning Meeting, Sprint, Daily Scrum, Certified Agile Process
Sprint Review, Sprint Retrospective Owner

Scrum Guide The definition of Scrum concepts and practices, written by Ken Schwaber and Jeff Certified Agile Service
Sutherland. Manager

Scrum Pillars Pillars that uphold the Scrum framework that include: Transparency, Inspection and Certified Agile Process
Adaptation. Owner

Scrum Roles Product Owner, Development Team (Team) and ScrumMaster. See also Agile Service Certified Agile Process
Management Roles. Owner

Scrum Team A self-organizing, cross-functional team that uses the Scrum framework to deliver DevOps Foundation
products iteratively and incrementally. The Scrum Team consists of a Product Owner,
the Development Team, and a Scrum Master.

Scrum values A set of fundamental values and qualities underpinning the Scrum framework: Certified Agile Process
commitment, focus, openness, respect and courage. Owner, Certified Agile
Service Manager

ScrumMaster An individual who provides process leadership for Scrum (i.e., ensures Scrum DevOps Foundation
practices are understood and followed) and who supports the Scrum Team by
removing impediments.

Security (Information Practices intended to protect the confidentiality, integrity and availability of computer DevOps Foundation,
Security) system data from those with malicious intentions. DevSecOps Engineering

Security as Code Automating and building security into DevOps tools and practices, making it an DevOps Foundation,
essential part of tool chains and workflows. DevSecOps Engineering

Security tests The purpose of the test is to determine if an EUT meets its security requirements. An Continuous Delivery
example is a test that determines if an EUT processes login credentials properly. Architecture, DevOps Test
Engineering

Selenium Popular open-source tool for software testing GUI and web applications. Continuous Delivery
Architecture, DevOps Test
Engineering

Self-organizing Team Management principle in which a team chooses how best to accomplish their work, Certified Agile Process
rather than being directed by others outside the team. Self-organization happens within Owner
boundaries and against given goals (i.e., what to do).

Self-organizing The management principle that teams autonomously organize their work. Certified Agile Service
Self-organization happens within boundaries and against given goals. Teams choose Manager
how best to accomplish their work, rather than being directed by others outside the
team.

Service Means of delivering value to customers by facilitating outcomes customers want to DevOps Foundation,
achieve without the ownership of specific costs and risks. DevSecOps Engineering

Service Catalog Subset of the Service Portfolio that consists of services that are live or available for DevOps Foundation
deployment. Has two aspects: The Business/Customer Service Catalog (visible to
customers) and the Technical/Supporting Service Catalog. (ITIL definition)

Service Design One of the ITIL Core publications and a stage of the service lifecycle. DevOps Foundation

Service Desk Single point of contact between the service provider and the users. DevOps Foundation

Service Level Written agreement between an IT service provider and its customer(s) that defines key Certified Agile Process
Agreement (SLA) service targets and responsibilities of both parties. An SLA may cover multiple services Owner, DevOps
or customers. (ITIL definition) Foundation

Service Level Process that ensures all current and planned IT services are delivered to agreed Certified Agile Process
Management achievable targets. (ITIL definition) Owner

Service Lifecycle Structure of the ITIL Core guidance. DevOps Foundation

Service Management Set of specialized organizational capabilities for providing value to customers in the DevOps Foundation
form of services. (ITIL definition)

Service Management Function that coordinates all processes and functions that manage a service provider's Certified Agile Process
Office (SMO) services throughout their lifecycle. Process Owners may report directly or via a 'dotted' Owner
reporting line to the SMO.

Service Operation One of the ITIL Core publications and a stage of the service lifecycle. DevOps Foundation

Service Provider Organization that supplies services to one or more internal or external customers. (ITIL DevOps Foundation
definition)

Service Request User request for a standard service from an IT service provider. (ITIL definition) DevOps Foundation

Service Strategy One of the ITIL Core publications and a stage of the service lifecycle. DevOps Foundation

Service Transition One of the ITIL Core publications and a stage of the service lifecycle. DevOps Foundation

Seven Pillars of DevOps Seven distinct "pillars" provide a foundation for DevOps systems which include Continuous Delivery
Collaborative Culture, Design for DevOps, Continuous Integration, Continuous Testing, Architecture
Continuous Delivery and Deployment, Continuous Monitoring and Elastic
Infrastructures and Tools.

Shift Left An approach that strives to build quality into the software development process by DevOps Foundation,
incorporating testing early and often. This notion extends to security architecture, DevSecOps Engineering
hardening images, application security testing, and beyond.

SilkTest Automated function and regression testing of enterprise applications. Licensed by DevOps Test Engineering
Borland.

Six Sigma Disciplined, data-driven approach that focuses on reducing defects by measuring Certified Agile Process
standard deviations from an expected norm. Owner

SMART Goals Specific, measurable, achievable, relevant and time-bound goals. DevOps Foundation

Smoke Test A basic set of functional tests that are run immediately after a software component is Continuous Delivery
built. Same as CI Regression Test. Architecture, DevOps Test
Engineering

Snapshot Report of pass/fail results for a specific build. Continuous Delivery
Architecture, DevOps Test
Engineering

SOAP Simple Object-Oriented Transfer. Protocol for exchanging structured information in the Continuous Delivery
implementation of Architecture, DevOps Test
Engineering

Software Composition A tool that checks for libraries or functions in source code that have known DevSecOps Engineering
Analysis vulnerabilities.

Software Delivery The process used to design, develop and test high quality software. DevOps Leader
Lifecycle (SDLC)

Software Version A repository tool which is used to manage software changes. Examples are: Azure Continuous Delivery
Management System DevOps, BitBucket, Git, GitHub, GitLab, VSTS. Architecture, DevOps Test
Engineering

Software-as-a-Service Category of cloud computing services in which software is licensed on a subscription DevOps Foundation,
(SaaS) basis. Continuous Delivery
Architecture, DevOps Test
Engineering

Source Code Tools Repositories for controlling source code for key assets (application and infrastructure) DevOps Foundation,
as a single source of truth. DevOps Leader

Spotify Squad Model An organizational model that helps teams in large organizations behave like startups DevOps Foundation,
and be nimble. DevOps Leader

Sprint A period of 2-4 weeks during which an increment of product work is completed. Certified Agile Process
Owner, Certified Agile
Service Manager,
Continuous Delivery
Architecture

Sprint (Scrum) A time-boxed iteration of work during which an increment of product functionality is DevOps Foundation
implemented.

Sprint Backlog Subset of the backlog that represents the work that must be completed to realize the Certified Agile Process
Sprint Goal. Owner, DevOps
Foundation

Sprint Goal Purpose and objective of a Sprint, often expressed as a business problem that is going Certified Agile Process
to be solved. Owner, Certified Agile
Service Manager

Sprint Planning Meeting A 4 to 8-hour time-boxed event that defines the Sprint Goal, the increment of the Certified Agile Process
Product Backlog that will be completed during the Sprint and how it will be completed. Owner, Certified Agile
Service Manager

Sprint Retrospective A 1.5 to 3-hour time-boxed event during which the Team reviews the last Sprint and Certified Agile Process
identifies and prioritizes improvements for the next Sprint. Owner, Certified Agile
Service Manager

Sprint Review A time-boxed event of 4 hours or less where the Team and stakeholders inspect the Certified Agile Process
work resulting from the Sprint and update the Product Backlog. Owner, Certified Agile
Service Manager

Squads A cross-functional, co-located, autonomous, self-directed team. DevOps Leader

Stakeholder Person who has an interest in an organization, project or IT service. Stakeholders may DevOps Foundation,
include customers, users and suppliers. (ITIL definition). DevSecOps Engineering

Standard Change Pre-approved, low risk change that follows a procedure or work instruction. (ITIL DevOps Foundation,
definition) DevSecOps Engineering

Static Application A type of testing that checks source code for bugs and weaknesses. DevSecOps Engineering
Security Testing (SAST)

Static Code Analysis The purpose of the test is to detect source code logic errors and omissions such as Continuous Delivery
memory leaks, unutilized variables, unutilized pointers. Architecture, DevOps Test
Engineering

Sticks Negative incentives, for discouraging or punishing undesired behaviors. DevSecOps Engineering

Stormstack A commercial orchestration tool based on event triggers instead of time based. DevOps Test Engineering

Strategic Sprint A 2-4 week timeboxed Sprint during which strategic elements that were defined during Certified Agile Process
the Process Planning Meeting are completed so that the Team can move on to Owner, Certified Agile
designing the activities of the process. Service Manager

Structural Changes Changes in the hierarchy of authority, goals, structural characteristics, administrative DevOps Leader
procedures and management systems.

Supplier External (third party) supplier, manufacturer or vendor responsible for supplying goods DevOps Foundation
or services that are required to deliver IT services.

Synthetic Monitoring Synthetic monitoring (also known as active monitoring, or semantic monitoring) runs a Continuous Delivery
subset of an application's automated tests against the system on a regular basis. The Architecture
results are pushed into the monitoring service, which triggers alerts in case of failures.

System of Record A system of record is the authoritative data source for a data element or data entity. DevOps Foundation,
DevSecOps Engineering

System Test The purpose of the test is to determine if a complete system performs as expected in Continuous Delivery
its intended configurations. Architecture, DevOps Test
Engineering

System Under Test The EUT is an entire system. E.g. Bank teller machine is being tested. Continuous Delivery
(SUT) Architecture, DevOps Test
Engineering

Tag-Based Test Tests and Code modules are preassigned tags. Tests are selected for a build matching Continuous Delivery
Selection Method preassigned tags. Architecture, DevOps Test
Engineering

Team Dynamics A measurement of how a team works together. Includes team culture, communication DevOps Leader
styles, decision making ability, trust between members, and the willingness of the team
to change.

Test Architect Person who has responsibility for defining the overall end-to-end test strategy for an Continuous Delivery
EUT. Architecture, DevOps Test
Engineering

Test Artifact Repository Database of files used for testing. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Campaign A test campaign may include one or more test sessions. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Case Set of test steps together with data and configuration information. A test case has a Continuous Delivery
specific purpose to test at least one attribute of the EUT. Architecture, DevOps Test
Engineering

Test Creation Methods This is a class of test terms which refers to the methodology used to create test cases. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Driven Test-driven development (TDD) is a software development process in which the Continuous Delivery
Development (TDD) developer writes a test before composing code. They then follow this process: Architecture, DevOps
Foundation, DevOps Test
Engineering

1. Write the test
2. Run the test and any others that are relevant and see them fail
3. Write the code
4. Run test(s)
5. Refactor code if needed
6. Repeat

Unit level tests and/or application tests are created ahead of the code that is to be
tested

Test Duration The time it takes to run a test. E.g. # hours per test Continuous Delivery
Architecture, DevOps Test
Engineering

Test Environment The test environment refers to the operating system (e.g. Linux, Windows version etc.), Continuous Delivery
configuration of software (e.g. parameter options), dynamic conditions (e.g. CPU and Architecture, DevOps Test
memory utilization) and physical environment (e.g. power, cooling) in which the tests Engineering
are performed.

Test Fast A CT tenet referring to accelerated testing. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Framework A set of processes, procedures, abstract concept and environment in which automated Continuous Delivery
tests are designed and implemented Architecture, DevOps Test
Engineering

Test Harness A tool which enables the automation of tests. It refers to the system test drivers and Continuous Delivery
other supporting tools that are required to execute tests. It provides stubs and drivers Architecture, DevOps Test
which are small programs that interact with the software under test. Engineering

Test Hierarchy This class of terms describes the organization of tests into groups. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Methodology This class of terms identifies the general methodology used by a test. Examples are Continuous Delivery
White Box, Black Box Architecture, DevOps Test
Engineering

Test result repository Database of test results. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Results A matrix of correlation factors correlates test cases and code modules according to test Continuous Delivery
Trend-based result (verdict) Architecture, DevOps Test
Engineering

Test Roles This class of terms identifies general roles and responsibilities for people relevant to Continuous Delivery
testing. Architecture, DevOps Test
Engineering

Test Script Automated test case. A single test script may implement one or more test cases Continuous Delivery
depending on the data Architecture, DevOps Test
Engineering

Test Selection Method This class of terms refers to the method used to select tests to be executed on a Continuous Delivery
version of an EUT. Architecture, DevOps Test
Engineering

Test Session Set of one or more test suites that are run together on a single build at a specific time. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Suite Set of test cases that are run together on a single build at a specific time. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Trend History of verdicts Continuous Delivery
Architecture, DevOps Test
Engineering

Test Type Class that indicates what the purpose of the test is. Continuous Delivery
Architecture, DevOps Test
Engineering

Test Version The version of files used to test a specific build. Continuous Delivery
Architecture, DevOps Test
Engineering

Tester Individual who has responsibility to test a system or service. Continuous Delivery
Architecture, DevOps Test
Engineering

Testing Tools Tools that verify code quality before passing the build. DevOps Leader

The Advice Process Any person deciding must seek advice from everyone meaningfully affected by the DevSecOps Engineering
decision and people with expertise in the matter. Advice received must be taken into
consideration, though it does not have to be accepted or followed. The objective of the
advice process is not to form consensus, but to inform the decision-maker so that they
can make the best decision possible. Failure to follow the advice process undermines
trust and unnecessarily introduces risk to the business.

The Checkbox Trap The situation wherein an audit-centric perspective focuses exclusively on "checking the DevSecOps Engineering
box" on compliance requirements without consideration for overall security objectives.

The Three Ways Key principles of DevOps – Flow, Feedback, Continuous experimentation and learning. DevOps Foundation,
DevSecOps Engineering

Theory of Constraints Methodology for identifying the most important limiting factor (i.e., constraint) that DevOps Foundation,
stands in the way of achieving a goal and then systematically improving that constraint DevSecOps Engineering
until it is no longer the limiting factor.

Thomas Kilmann Measures a person's behavioral choices under certain conflict situations. DevOps Foundation
Inventory (TKI)

Threat A bad actor, human or automated, that acts against a system with intent to harm or DevSecOps Engineering
compromise that system. Sometimes also called a "Threat Agent" or "Threat Actor."

Threat Intelligence Information pertaining to the nature of a threat or the actions a threat may be known to DevSecOps Engineering
be perpetrating. May also include "indicators of compromise" related to a given threat's
actions, as well as a "course of action" describing how to remediate the given threat
action.

Threat Modeling A method that ranks and models potential threats so that the risk can be understood DevSecOps Engineering
and mitigated in the context of the value of the application(s) to which they pertain.

Time to Market The period of time between when an idea is conceived and when it is available to DevOps Leader
customers.

Time to Value Measure of the time it takes for the business to realize value from a feature or service. DevOps Foundation,
DevSecOps Engineering

Time-box Maximum duration of a Scrum event. Certified Agile Process
Owner, Certified Agile
Service Manager

Tool This class describes tools that orchestrate, automate, simulate and monitor EUTs and Continuous Delivery
infrastructures. Architecture, DevOps Test
Engineering

Toolchain A philosophy that involves using an integrated set of complementary task-specific tools DevOps Foundation
to automate an end-to-end process (vs. a single-vendor solution).

Transformational A leadership model in which leaders inspire and motivate followers to achieve higher DevOps Leader
Leadership performance by appealing to their values and sense of purpose, facilitating wide-scale
organizational change (State of DevOps Report, 2017).

Tribe Lead A senior technical leader that has broad and deep technical expertise across all the DevOps Leader
squads' technical areas. A group of squads working together on a common feature set,
product or service is a tribe in Spotify's definitions.

Tribes A collection of squads with a long-term mission that work on/in a related business DevOps Leader
capability.

Trunk The primary source code integration repository for a software product. Continuous Delivery
Architecture, DevOps Test
Engineering

Unit Test The purpose of the test is to verify code logic. Continuous Delivery
Architecture, DevOps Test
Engineering

Usability Test The purpose of the test is to determine if humans have a satisfactory experience when Continuous Delivery
using an EUT. Architecture, DevOps Test
Engineering

User Consumer of IT services. Or, the identity asserted during authentication (aka DevOps Foundation,
username). DevSecOps Engineering

User Story Statement written from the user's business perspective that describes how the user will Certified Agile Process
achieve a goal from a feature of the product. User stories are captured in the Product Owner, Certified Agile
Backlog (or Process Backlog). Service Manager

Value Added Time The amount of time spent on an activity that creates value (e.g., development, testing). DevOps Leader

Value Efficiency Being able to produce value with the minimum amount of time and resources. DevOps Leader

Value Stream All of the activities to go from a customer request to a delivered product or service. DevOps Foundation

Value Stream Mapping Lean tool that depicts the flow of information, materials and work across functional silos DevOps Foundation
with an emphasis on quantifying waste, including time and quality.

Value Stream Owner Individual accountable to senior management for improving the value to non-value ratio Certified Agile Process
of a given product or service. Owner

Variable Speed IT An approach where traditional and digital processes co-exist within an organization DevOps Foundation
while moving at their own speed.

Velocity Measure of the quantity of work done in a pre-defined interval. The amount of work an DevOps Foundation,
individual or team can complete in a given amount of time. DevSecOps Engineering

Verdict Test result classified as Fail, Pass or Inconclusive. Continuous Delivery
Architecture, DevOps Test
Engineering

Version control tools Ensure a 'single source of truth' and enable change control and tracking for all DevOps Foundation
production artifacts.

Vertical Scaling Computing resources are scaled higher to increase processing speed e.g. using faster DevOps Test Engineering
computers to run more tasks faster.

Voice of the Customer A process that captures and analyzes customer requirements and feedback to DevOps Foundation
(VOC) understand what the customer wants.

Vulnerability A weakness in a design, system, or application that can be exploited by an attacker. DevSecOps Engineering

Vulnerability Intelligence Information describing a known vulnerability, including affected software by version, DevSecOps Engineering
relative severity of the vulnerability (for example, does it result in escalation of
privileges for user role, or does it cause a denial of service), exploitability of the
vulnerability (how easy/hard it is to exploit), and sometimes current rate of exploitation
in the wild (is it being actively exploited or is it just theoretical). This information will
also often include guidance on what software versions are known to have remediated
the described vulnerability.

Vulnerability The process of identifying and remediating vulnerabilities. DevSecOps Engineering
management

Wait Time The amount of time wasted on waiting for work (e.g., waiting for development and test DevOps Leader
infrastructure, waiting for resources, waiting for management approval).

Waste (Lean Any activity that does not add value to a process, product or service. Certified Agile Process
Manufacturing) Owner, Certified Agile
Service Manager, DevOps
Foundation, DevOps
Leader

Water-Scrum-Fall A hybrid approach to application lifecycle management that combines waterfall and Continuous Delivery
Scrum development. Architecture

Waterfall (Project Linear and sequential approach to managing software design and development Certified Agile Service
Management) projects in which progress is seen as flowing steadily (and sequentially) downwards Manager, Continuous
(like a waterfall). Delivery Architecture,
DevOps Foundation

Weakness An error in software that can be exploited by an attacker to compromise the DevSecOps Engineering
application, system, or the data contained therein. Also called a Vulnerability.

Westrum (Organization Ron Westrum developed a typology of organizational cultures that includes three types DevSecOps Engineering
Types) of organizations: Pathological (power-oriented), Bureaucratic (rule-oriented) and
Generative (performance-oriented).

WhiteBox Testing Test cases use extensive knowledge of the internal design structure or workings of an Continuous Delivery
(or Clear-, Glass-, application, as opposed to its functionality (i.e. Black-Box Testing). Architecture, DevOps Test
Transparent-Box Engineering
Testing or Structural
Testing)

Whitelisting Application whitelisting is the practice of specifying an index of approved software Continuous Delivery
applications that are permitted to be present and active on a computer system. Architecture

Work in Progress (WIP) Any work that has been started but has not been completed. DevOps Foundation

Workaround Temporary way to reduce or eliminate the impact of incidents or problems. May be DevOps Foundation,
logged as a known error in the Known Error Database. (ITIL definition). DevSecOps Engineering
DevOps Foundation
Examination Requirements

©
DevOps Institute DO-FD Examination Requirements, R3.0
DevOps Foundation Certificate

DevOps Foundation is a freestanding certification from the DevOps Institute. The
purpose of this course and its associated exam is to impart, test and validate
knowledge of DevOps basic vocabulary, principles and practices. The vocabulary
terms, concepts and practices are documented in the course learner manual. DevOps
Foundation is intended to provide individuals an understanding of basic DevOps
concepts and how DevOps may be used to improve communication, collaboration and integration
between software developers and IT operations professionals.

Eligibility for Examination


DevOps Institute highly recommends the following to prepare candidates for the exam leading to
DevOps Foundation certification:
• It is recommended that candidates complete at least 16 contact hours (instruction and labs) as part
of a formal, approved training course delivered by an approved Registered Education Partner of the
DevOps Institute
• It is recommended that students complete at a minimum 6 hours of personal study by reviewing the
vocabulary list and pertinent areas of the course learner manual and by completing the sample
exam

Examination Administration
The DevOps Foundation examination is accredited, managed and administered under the strict
protocols and standards of the DevOps Institute’s strategic examination partner, PeopleCert.

Level of Difficulty
The DevOps Foundation certification uses the Bloom Taxonomy of Educational Objectives in the
construction of both the content and the examination.
• The DevOps Foundation exam contains Bloom 1 questions that test learners’ knowledge of
DevOps concepts and vocabulary terms (see list below)
• The exam also contains Bloom 2 questions that test learners’ comprehension of these concepts
in context

Format of the Examination


Candidates must achieve a passing score to gain the DevOps Foundation Certificate.

Exam Type: 40 multiple choice questions
Duration: 60 minutes for candidates in their respective language; 75 minutes if English is not a candidate’s native tongue
Prerequisites: DevOps Foundation course from a DevOps Institute Registered Education Partner (REP)
Supervised: Yes
Open Book: No
Passing Score: 65%
Delivery: Online or invigilated in person
Badge: DevOps Foundation Certified

Exam Topic Areas and Question Weighting

The DevOps Foundation exam requires knowledge of the topic areas described below.

Module | Description | Max Questions
DOFD – 1 Exploring DevOps | Purpose, objectives and business value of DevOps | 5
DOFD – 2 Core DevOps Principles | The Three Ways | 4
DOFD – 3 Key DevOps Practices | Emerging DevOps Practices such as continuous delivery and continuous integration | 7
DOFD – 4 Business & Technology Frameworks | The relationship between relevant frameworks and standards and DevOps | 7
DOFD – 5 DevOps Values - Culture, Behaviors & Operating Models | Characteristics of a DevOps culture and of culture change | 6
DOFD – 6 DevOps Values - Automation & Architecting DevOps Toolchains | The Deployment Pipeline, DevOps toolchains and other automation considerations | 5
DOFD – 7 DevOps Values – Measurement, Metrics & Reporting | Common DevOps practices and related processes | 2
DOFD – 8 DevOps Values: Sharing, Shadowing and Reporting | Responsibilities of key roles and considerations relative to organizational structure. Getting started - adoption challenges, risks, critical success factors and key performance measures | 4

Concept and Terminology List
After studying this course, the candidate is expected to understand the following DevOps concepts and
vocabulary at Bloom's Levels 1 and 2.

● Agile Manifesto
● Agile service management
● Agile software development
● Application Programming Interface (API)
● CALMS
● Change failure rate
● Change fatigue
● Change lead time
● ChatOps
● Code commit
● Collaboration and communication
● Collective Body of Knowledge (CBOK)
● Configuration management tools
● Conflict management
● Constraint
● Containers
● Continuous integration
● Continuous delivery
● Continuous deployment
● Cultural debt
● Cycle time
● Deployment pipeline
● Deployment frequency
● DevSecOps
● DevOps
● DevOps metrics
● DevOps stakeholders
● DevOps teams
● DevOps roles
● Flow
● Golden Circle
● High-performing organizations
● Impediment
● Immersion
● Improvement kata
● IT service management
● Kanban
● Lean production
● Lean thinking
● Lean tools
● Lean types of Waste (DOWNTIME)
● Microservices
● Open source
● Organizational culture
● Organizational considerations
● Outcome economy
● Pace-Layered Application Strategy
● Process Model
● Rugged DevOps
● Scaled Agile Framework (SAFe)
● Scrum
● Scrum roles, artifacts and events
● Sharing opportunities
● Service
● Shift left
● Simian Army/Chaos Monkey
● Test driven development
● Testing (unit, acceptance, integration)
● The Three Ways
● Theory of Constraints
● DevOps toolchain
● Value stream mapping
● Variable speed IT
● Velocity
● Waste
● Waterfall

DevOps Foundation V3.10
Sample Examination

DOFD V3.0 Sample Exam Revised 07.2018


1. A small group of individuals recently returned from a conference where they learned
about DevOps. They cannot agree on how to get started. Where should an IT organization
start when adopting DevOps practices?

A. Understand why the organization exists
B. Pick the right applications to pilot
C. Develop a long-term strategy
D. Identify tools and training needed

2. What is the Three Ways?

A. Methodology for identifying and removing constraints
B. The key principles of DevOps
C. Disciplined, data-driven approach for reducing waste
D. A methodology for performing continuous improvement

3. Which statement about Kanban is CORRECT?

A. Pushes work through a process
B. Requires a workflow management tool
C. Pulls work through a process
D. Enables more work in progress

4. What is the Agile Manifesto?

A. Values and principles to guide an iterative and people-centric approach to software
development
B. Methodology that focuses on making sure software is always in a releasable state
throughout its lifecycle
C. Declaration of the benefits and intentions of DevOps
D. Intentions and motives of being an agile enterprise

5. An organization is trying to overcome the challenges of their legacy silo culture where
teams have been organized by subject matter expertise. What is this organization suffering
from?

A. Cultural debt
B. Change fatigue
C. Organizational change
D. Low trust

6. Which statement BEST describes change fatigue?

A. Aggressive resistance
B. Apathy
C. Finger pointing
D. Exhaustion

7. Due to a tightly-coupled architecture, an organization is unable to increase the frequency
of releases for a key service. When releases do occur, they are extremely painful and the
organization’s competitive advantage is eroding as a result. Which software development
approach could be used to improve this situation?

A. Test-driven development
B. Containers
C. Microservices
D. Chaos Monkey

8. An organization has just completed the deployment of a pilot release using DevOps
practices and a preliminary deployment pipeline. Which metric would provide the most
information to help them continually improve?

A. Mean Time to Repair (MTTR)
B. Change lead and cycle times
C. Knowledge sharing
D. All of the above

9. Which statement about DevOps teams is MOST accurate?

A. They are responsible for establishing DevOps practices across the enterprise
B. They are accountable for the development of the deployment pipeline
C. They should be a fixed team that works together on long term projects
D. They should have shared accountabilities

10. An organization recently held an internal DevOps Days. During one of the openspace
sessions, it was suggested that there be more opportunities for dev, ops, security and other
IT areas to interact and share. What sort of opportunities should the organization consider?

A. Hackathons
B. Simulations
C. Immersion opportunities
D. All of the above

11. Which of the following roles are DevOps stakeholders?

A. QA testers
B. Support professionals
C. Suppliers
D. All of the above

12. Which is NOT a goal of DevOps?

A. Improved productivity
B. Fewer but higher-quality software releases
C. Lower risk software deployments
D. Improved quality of code

13. An organization is implementing a disruptive application similar to the Simian Army.
Which of the Three Ways are they introducing?

A. The First Way
B. The Second Way
C. The Third Way
D. The Phoenix Project

14. An organization is looking to improve real-time collaboration between teams. Which
DevOps practice should they be considering?

A. Kanban
B. ChatOps
C. Escalation
D. Alerts

15. Which is a characteristic of a DevOps culture?

A. Effective one-way communication from the top down
B. Recognizing the best and brightest for their successes
C. Shared vision, goals and incentives
D. All of the above

16. Which BEST describes a deployment pipeline?

A. Automation version of the ITSM change management process
B. Automated process for managing software changes from check-in to release
C. Collection of tools that enable continuous integration
D. Sequence of value-adding activities required to design, build and deliver a product

17. At a recent conference, a CIO was told that her organization should invest heavily in
machine learning. Back at the office, she asked one of her senior leadership team to pull
together an investment case. What is unlikely to be a direct benefit they are likely to receive
from using artificial intelligence and should not be included in the investment case?

A. Predicting future scenarios
B. Finding new trends and correlations
C. Augmenting human contribution and boosting productivity
D. Building a blame free culture

18. Which statement about the Improvement Kata is CORRECT?

A. It focuses on short term goal
B. It is a 7-step process
C. It considers the organization’s long-term vision or direction
D. It should be performed as time allows

19. In the context of agile software development, which of the following is NOT a
responsibility of IT Operations?

A. Managing the product backlog
B. Defining non-functional requirements
C. Identifying security requirements
D. Provisioning the infrastructure

20. Which of the following is a characteristic of a high trust organizational culture?

A. Good information flow
B. Cross-functional collaboration
C. Learning from failures and new ideas
D. All of the above

21. Why is organizational culture a critical success factor for DevOps?

A. It represents the values and behaviors that contribute to the unique social and psychological
environment of an organization
B. It represents a command and control approach to the delivery of services
C. It represents the way that an organization is structured and organized
D. It reflects the strategic direction of the business’ leadership

22. What is a primary benefit of DevOps toolchains?

A. To automate steps in the deployment pipeline
B. To trace features’ journeys from inception to live
C. To ensure that the architectural design supports interoperability and consistency
D. All of the above

23. Which of the following DevOps roles is NOT YET well defined?

A. Systems engineer
B. Continuous delivery automation architect
C. DevOps engineer
D. Experience assurance

24. An organization is implementing DevOps. The developers are concerned that their ITSM
processes are too complex, slow and will not support DevOps principles and practices.
Which IT framework will help the organization instill agile thinking into existing ITSM
processes?

A. ITIL
B. Agile
C. Agile service management
D. Lean

25. Which lean tool depicts the flow of information, materials and work across functional
silos with an emphasis on quantifying and eliminating waste?

A. Improvement Kata
B. Continuous Delivery
C. Kanban
D. Value stream mapping

26. The business ‘why’ of the Golden Circle represents an organization’s

A. Purpose, cause and belief
B. Products and services
C. Competitive advantage
D. Profitability

27. What determines which DevOps principles and practices will BEST benefit an
organization?

A. Business strategies and goals
B. The commitment of early adopters
C. The availability of advanced tools
D. IT's capabilities and resources

28. The Theory of Constraints supports which of the Three Ways?

A. The First Way
B. The Second Way
C. The Third Way
D. All of the above

29. Which of the following is required for Continuous Integration?

A. Automated unit, integration and acceptance testing
B. Automated release management
C. Continuous delivery pipeline
D. Deployment pipeline

30. Which DevOps practice relies on a deployment pipeline that enables push-button
deployments on demand?

A. Continuous testing
B. Continuous integration
C. DevSecOps
D. Continuous delivery

31. Which of the following ITSM processes are most critical to DevOps?

A. Change, Release and Service Asset and Configuration Management
B. Incident, Problem and Event Management
C. Demand, Capacity and Information Security Management
D. All of the above

32. An organization has identified they have a culture of blame and fear, where incidents are
not valued and failure is not embraced as a learning opportunity. There are many single
points of failure and employees suffer daily as a result of the fragility of the systems,
enduring painful war-rooms during frequent outages. What should this organization look to
in order to improve the situation?

A. Safety Culture
B. Agile software development
C. Building a DevOps toolchain
D. Site Reliability Engineering

33. When trying to effect major change, who should be engaged in planning activities and
serve as change agents?

A. Early adopters
B. Naysayers
C. Management
D. People who need proof

34. Which of the following is NOT a typical element in a DevOps toolchain?

A. Monitoring tools
B. Test automation
C. Version control
D. Service desk incident management systems

35. Which of the following is a critical success factor for DevOps?

A. Establishing a tool chain
B. Hiring DevOps Engineers
C. Management commitment to culture change
D. Automating everything

36. Which of the following is not a goal of DevOps leadership?

A. Help to improve self-diagnosis
B. Control and evaluate workers using metrics
C. Instil self-improvement
D. Translate local discoveries to global improvements

37. Which of the Three Ways encourages peer review of production changes?

A. The First Way
B. The Second Way
C. The Third Way
D. All of the above

38. What does the concept of “shift left” represent?

A. Building quality into the software development process via early and continuous testing
B. Passing release packages to IT Operations following completion of a batch of development
C. Performing random tests on code that is committed to a continuous integration server
D. Doing more testing in production after deployment

39. An organization is struggling with the additional time it takes for security reviews after
an Agile team completes a Sprint. The delay is impacting their ability to release. They want
to include more security testing as part of their “shift left” testing approach. Which DevOps
practice would they need?

A. ChatOps
B. Continuous Testing
C. DevSecOps
D. Vulnerability alerts

40. An organization is preparing to automatically deploy every release that passes
automated unit, integration, user acceptance and non-functional tests. Which DevOps
practice are they applying?

A. Continuous delivery
B. Continuous testing
C. Continuous deployment
D. Continuous integration

ANSWER KEY

Question Correct Answer Topic Area

1 A 1: Exploring DevOps

2 B 2: Core DevOps Principles

3 C 3: Key DevOps Practices

4 A 4: DevOps Values: Business & Technology Frameworks

5 A 5: DevOps Values: Culture, Behaviors & Operating Models

6 B 5: DevOps Values: Culture, Behaviors & Operating Models

7 C 6: DevOps Values: Automation & Architecting Toolchains

8 D 7: DevOps Values: Measurements, Metrics & Reporting

9 D 8: DevOps Values: Sharing, Shadowing & Evolving

10 D 7: DevOps Values: Measurements, Metrics & Reporting

11 D 1: Exploring DevOps

12 B 1: Exploring DevOps

13 C 2: Core DevOps Principles

14 B 3: Key DevOps Practices

15 C 5: DevOps Values: Culture, Behaviors & Operating Models

16 B 6: DevOps Values: Automation & Architecting Toolchains

17 D 6: DevOps Values: Automation & Architecting Toolchains

18 C 4: DevOps Values: Business & Technology Frameworks

19 A 4: DevOps Values: Business & Technology Frameworks

20 D 5: DevOps Values: Culture, Behaviors & Operating Models

21 A 5: DevOps Values: Culture, Behaviors & Operating Models

22 D 6: DevOps Values: Automation & Architecting Toolchains

23 C 8: DevOps Values: Sharing, Shadowing & Evolving

24 C 4: DevOps Values: Business & Technology Frameworks


25 D 4: DevOps Values: Business & Technology Frameworks

26 A 1: Exploring DevOps

27 A 1: Exploring DevOps

28 A 2: Core DevOps Principles

29 A 3: Key DevOps Practices

30 D 3: Key DevOps Practices

31 D 4: DevOps Values: Business & Technology Frameworks

32 A 4: DevOps Values: Business & Technology Frameworks

33 A 5: DevOps Values: Culture, Behaviors & Operating Models

34 D 6: DevOps Values: Automation & Architecting Toolchains

35 C 8: DevOps Values: Sharing, Shadowing & Evolving

36 B 8: DevOps Values: Sharing, Shadowing & Evolving

37 B 2: Core DevOps Principles

38 A 3: Key DevOps Practices

39 C 3: Key DevOps Practices

40 C 3: Key DevOps Practices
